Inside Cyber Warfare

Inside Cyber Warfare

Share this post

Inside Cyber Warfare
Inside Cyber Warfare
VTB Bank Breached by GURMO Cyber Operators
Copy link
Facebook
Email
Notes
More

VTB Bank Breached by GURMO Cyber Operators

Detailed plans about its FSB Headquarters branch are released

Mar 18, 2022
∙ Paid

Share this post

Inside Cyber Warfare
Inside Cyber Warfare
VTB Bank Breached by GURMO Cyber Operators
Copy link
Facebook
Email
Notes
More
Share

GURMO hackers breached the network security of VTB bank and downloaded financial records, videoconference calls, schematic diagrams of the bank’s industrial control systems that control electricity, water, heat, and drainage.

Work order for a new office to serve private clients of the bank
Network diagram for the Lubyanka office

Background

VTB bank is Russia’s second largest bank. In 2011, the bank was a major source of funding for Yuri Milner’s and Alisher Usmanov’s investments in Facebook and Twitter via DST Global. In 2014, the U.S. Treasury OFAC added the bank to its Sanctions list, followed by the EU, Canada, and other countries due to Russia’s annexation of Crimea and invasion of Ukraine. New sanctions were issued in 2022 by the U.S. and the U.K. in response to Russia’s war against Ukraine.

Approximately 97% of the bank’s shares are owned by three agencies of the Russian government:

  • 12.13% of (capital) shares – Federal Agency for State Property Management (Russia)

  • 32.88% of (capital) shares – Ministry of Finance (Russia)

  • 47.22% of (capital) shares – Deposit Insurance Agency of Russia

FSB Branch

Some of the files captured by GURMO are for construction of an office for private clients on Lubyanka street, about a three minute walk from FSB headquarters.

Ukraine’s government will be using the information obtained in this breach to find and seize Russian oligarchs’ funds along with a parallel effort being waged by the U.S. Treasury and Justice Departments Multi-lateral Russian Oligarch Task Force.

A small portion of the files that have been shared with Inside Cyber Warfare are available for download for paid subscribers. The rest are undergoing analysis by the government of Ukraine and will be shared with its U.S. and U.K. allies.

Contents include:

  • The Pre-Project Survey Report for VTB Bank’s additional office at Lubyanka

  • Photos of the project site

  • Design of the bank’s SCADA system

  • Design of the bank’s energy system

Keep reading with a 7-day free trial

Subscribe to Inside Cyber Warfare to keep reading this post and get 7 days of free access to the full post archives.

Already a paid subscriber? Sign in
© 2025 Jeffrey Caruso
Privacy ∙ Terms ∙ Collection notice
Start writingGet the app
Substack is the home for great culture

Share

Copy link
Facebook
Email
Notes
More